SPF Hosting: Which Brand Is Best For Your Site In 2018?

You've selected a combination of features that none of the web hosts we profile offer. We suggest you remove your last filter or reset & start again.

Ask Our Experts

Need help with your hosting? Tell us exactly what you are looking for and we’ll do our very best to help. Please allow one working day for a response.

Please fill in all fields.

Thanks! Your request has been sent. We'll reply within 24 hours.

Your NameYour EmailWhat kind of hosting are you searching for?

Recommended Host for SPF

The ability to combat email spoofing and spamming by implementing a Sender Policy Framework (SPF) record is included in many shared hosting plans. Just be sure to check with the hosting provider before entering a contract, and don’t hesitate to make use of their technical support to assist you in setting up the SPF since it can be a bit tricky. We’ve found Interserver to be a good choice for email protected by SPF records.

What is SPF Hosting?

Hold on, don't break out the sunblock just yet. We're talking about a whole other kind of SPF here. This is about Sender Policy Framework, which sounds kind of official and drab, but once you understand what it is, you'll see it's good for you, just like sunshine is in small doses. Sender Policy Framework (SPF) records help keep spam out of your inbox, but may be a little cumbersome to create depending on your hosting provider.

Why It's Needed

When Simple Mail Transfer Protocol (SMTP) was first devised as a way to send electronic messages, security was not one of the main concerns. As email became widely used, however, so did the threats to security.

In particular, SMTP has no way of ensuring that an email is from who it purports to be. In any email client, you can specify the name that will show up in the Sender field. You can even specify the email address that will show up when you send an email. These techniques are often used by malicious hackers to spoof, or forge, emails and lure unsuspecting victims into replying, clicking on a link in the email or some other action that would allow the hacker to gain access to their machine, accounts or personal information.

As these threats continued to develop, and gain in popularity and complexity, so did the need to add a layer of security and verification to SMTP.

How It Works

SPF is what helps combat this by providing a mechanism for email validation. It works by giving site administrators the ability to specify which hosts can send email from a domain. This information is included in the Domain Name System (DNS) records for that domain, in the form of a TXT record.

Once those specifications are made, mail exchangers can refer to the DNS to verify incoming mail is being sent by a host that has been allowed on that domain.

SPF Benefits

Implementing SPF can result in a number of benefits.

One significant benefit is the reduced likelihood of a domain being blacklisted by spam-filtering software. If spammers continually forge emails that appear to come from the same domain, eventually spam-filtering software will blacklist that domain, disregarding all emails from it. Implementing SPF reduces a domain's attractiveness to forgers and spammers, since it makes it easy for mail exchangers to quickly differentiate between valid and invalid email from a domain.

For the users of a particular domain, SPF can help cut down on the amount of backscatter. Backscatter is the bounced emails rejected by a mail receiver due to their being flagged as spam, or unsolicited email. Since SPF usually reduces the number of forged or spoofed emails that appear to come from a domain, as well as provides a mechanism for mail receivers to reject obvious forgeries, a reduction in backscatter is a natural side-effect.

In addition, if servers utilize SPF, mail receivers can use that information to build whitelists of legitimate addresses and domains.

How to Implement It

To add an SPF to your domain, you have a few options. You can often add an SPF through your domain registrar account. This is the company through which you originally registered your domain name.

If you've registered your domain through your hosting provider, you may also have access to create an SPF through your hosting account. This is especially the case if your hosting account is a virtual private server (VPS) or a dedicated server.

Some hosting providers, however, require that you request the addition of an SPF record, and they will add it for you. On the one hand, this may be convenient if you're unsure how to create an SPF record yourself, but can also be a hindrance if you want or need an SPF record created right away, but must wait for your hosting provider to respond to your request.

Points to Remember

Although it adds a layer of complexity, in terms of set up and maintenance, SPF can be a valuable resource in combating spam and email spoofing. In theory, the more companies and organizations use SPF, the greater the reduction of spam and spoofed emails, as SPF will allow organizations to build whitelists and easily disregard invalid and unsolicited email.

Check with your hosting company, as well as your domain registrar, to see what is involved in modifying your DNS records with the necessary SPF information.

Email

SPF Hosting Frequently Asked Questions

Generally speaking, Sender Policy Framework is nothing more than an email validation system meant to detect email spoofing

SPF provides the ability for receiving mail exchangers to verify that incoming email is sent from a host authorized by the domain’s administrators.

Where is the list of authorized sending hosts published?

The authorized sending hosts are published in the Domain Name System for a particular domain. It is formatted as a TXT record.

What are the primary benefits of using Sender Policy Framework?

When a domain publishes a Sender Policy Framework record, spammers and scammers are less likely to forge email accounts using that domain. The reason is simple: the forged email addresses are more likely to be picked off by spam filters.

In other words, a domain protected by Sender Policy Framework is less appealing to spammers, as there is a lesser chance their email will make it to the intended inbox.

What is the history associated with Sender Policy Framework?

In 2000, the first ideas surrounding Sender Policy Framework were brought to light. However, this did not mean much in terms of implementing such a specification.

In 2002, the IETF mailing list published Sender Policy Framework specifications. Publication of the list led to others doing the same, and over time it developed into the creation of the IETF Anti-Spam Research Group (ASRG).

Who uses Sender Policy Framework?

Many anti-spam software programs rely on Sender Policy Framework, such as ASSP and Spam Assassin.

There are also a variety of mail transfer agents that currently support Sender Policy Framework, including but not limited to Microsoft Exchange, MDaemon, Wildcat, CommuniGate Pro, and Courier.

Is Sender Policy Framework one of the primary methods of fighting spam?

There are many ways people fight spam, with Sender Policy Framework being one of the most common. The ability to efficiently implement this specification, as well as its effectiveness, are primary reasons in its continued growth as a spam fighter.

How do hosting companies and domain registrars help clients take advantage of Sender Policy Framework?

Implementing Sender Policy Framework may be simple, but that doesn't mean it is a “one click and you are done” type of change.

You need to verify with your hosting company and domain registrar that everything is set up in the appropriate manner.

You may need to make changes to your DNS records in order to take full advantage of the power of Sender Policy Framework.

Am I required to use Sender Policy Framework?

This depends on your situation.

If you don’t own the domain and the domain is associated with a Sender Policy Framework record, you have no choice.

If you are the owner of a domain, you have the option to decide if implementing Sender Policy Framework is something you want to do.

Those who opt against this open themselves up to spammers and hackers who are looking to use their domains as a cover for illegal activity.

What is the cost of using Sender Policy Framework specification?

This is a free specification that is typically an add-on offered by mail servers. You do not have to pay to use Sender Policy Framework, but you may want to check with your hosting company and registrar to learn more about this specification.

Why does Sender Policy Framework work when so many other anti-spam measures have fallen flat in the past?

Sender Policy Framework is not a magic pill that works 100 percent of the time. Spammers always find ways to accomplish their “goals.”

Even so, this specification has been proven more successful than others. When it comes to controlling and eliminating forged emails, Sender Policy Framework is the best solution.

Is there any reason to use Sender Policy Framework when my existing filters appear to do the job just fine?

The main reason is that you have the opportunity to protect your own domain. Sender Policy Framework, unlike spam filters, ensures that all your mail reaches you.

With traditional spam filters, this is not always the case. These have a way of losing legitimate mail, which can cause more harm than good.

Is Sender Policy Framework the same as SPF and Sender Permitted Form?

Yes and no. In today’s world, SPF stands for Sender Policy Framework. In the past, the specification was known as Sender Permitted Form. The change from the original name to the current name took place in 2004.

Are all hosting companies on board with using Sender Policy Framework?

Most providers realize the benefits of Sender Policy Framework, but some still require that users request the addition of a record, at which point it will be added.

For those who don't know how to create a Sender Policy Framework record, it is best to find a hosting company that adds this for you.